package cn.tedu.stx_admin.controller;

import cn.tedu.stx_common.pojo.authentication.CurrentPrinciple;
import cn.tedu.stx_common.web.JsonResult;
import com.github.xiaoymin.knife4j.annotations.ApiOperationSupport;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.annotation.AuthenticationPrincipal;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import springfox.documentation.annotations.ApiIgnore;

@Api(tags = "测试访问")
@RestController
@RequestMapping("/test/")
public class TestController {

    @ApiOperation(value = "直接访问")
    @ApiOperationSupport(order = 100)
    @GetMapping("permit")
    public JsonResult permit(){
        return JsonResult.ok();
    }

    @ApiOperation(value = "登录后访问")
    @ApiOperationSupport(order = 200)
    @GetMapping("visit-after-login")
    public String VisitAfterLogin(@ApiIgnore @AuthenticationPrincipal CurrentPrinciple principle){

        return "当前当事人："+principle;
    }
    @GetMapping("/create-account")
    @PreAuthorize("hasAuthority('/admin/add-admin')")
    @ApiOperation("需要具有权限")
    @ApiOperationSupport(order = 130)
    public String hasAuthority() {
        return "成功处理请求：需要具有某个权限";
    }
}
